Link to home
Create AccountLog in
Avatar of Vorcht12
Vorcht12

asked on

Port a Perl script to PHP

In another experts exchange post, a member helped me create a script that can generate a particular Hex string out of any password you feed it.  Problem is he created it in a pretty efficient perl command, which I can't pretend to read.  I also don't have much experience with Hex overall, so i'm in unfamiliar territory.  

I am looking for a PHP function that will take a single string parameter (a password) and return it's obfuscated hex string.  The example I am supplying was designed to take many passwords and generate many output strings, but I simply want one per function call.

The original Experts Exchange posting is: http://www.experts-exchange.com/Security/Encryption/Q_28134108.html.

Example 1:
perl -le 'for( @ARGV ){$x=0;$x^=$_ for @x=unpack"C*",$_;$x||=0x55; $_+=$x for @x; print unpack("H*",pack"C*",0x7f,$x,@x),"  $_"}' a b c aa bb cc aaa bbb ccc ab ac ad aab aac aad aaaaaaaaaa bbbbbbbbbb  aaaaaaaaab

Open in new window

Generates this:
7f61c2  a
7f62c4  b
7f63c6  c
7f55b6b6  aa
7f55b7b7  bb
7f55b8b8  cc
7f61c2c2c2  aaa
7f62c4c4c4  bbb
7f63c6c6c6  ccc
7f036465  ab
7f026365  ac
7f056669  ad
7f62c3c3c4  aab
7f63c4c4c6  aac
7f64c5c5c8  aad
7f55b6b6b6b6b6b6b6b6b6b6  aaaaaaaaaa
7f55b7b7b7b7b7b7b7b7b7b7  bbbbbbbbbb
7f0364646464646464646465  aaaaaaaaab

Open in new window


Example 2:
perl -le 'for( @ARGV ){$x=0;$x^=$_ for @x=unpack"C*",$_;$x||=0x55; $_+=$x for @x; print unpack("H*",pack"C*",0x7f,$x,@x),"  $_"}' x y z yy yz zy zz za zb az bz ba aba abb baa bab bba aaaa aaab aaba abaa baaa bbbb bbba bbab babb abbb 

Open in new window

Generates this:
7f78f0  x
7f79f2  y
7f7af4  z
7f55cece  yy
7f037c7d  yz
7f037d7c  zy
7f55cfcf  zz
7f1b957c  za
7f18927a  zb
7f1b7c95  az
7f187a92  bz
7f036564  ba
7f62c3c4c3  aba
7f61c2c3c3  abb
7f62c4c3c3  baa
7f61c3c2c3  bab
7f61c3c3c2  bba
7f55b6b6b6b6  aaaa
7f0364646465  aaab
7f0364646564  aaba
7f0364656464  abaa
7f0365646464  baaa
7f55b7b7b7b7  bbbb
7f0365656564  bbba
7f0365656465  bbab
7f0365646565  babb
7f0364656565  abbb

Open in new window


What I am looking for would be something like:
<?php
function encodepassword($str) {
// do the magic

return $encoded;
}

echo  encodepassword('aaab');  // should echo '7F0364646465'
?>

Open in new window


From what I can tell, the encoded string is composed of:
First hex pair is always 7F
Second hex pair is xor of all characters, except replace 00 with 55
Following hex pairs each represent a character in the password, but the second hex pair is subtracted from it
If you need more info just ask or look at the other thread.
Avatar of Ray Paseur
Ray Paseur
Flag of United States of America image

Please give me an example of how to figure out the second hex character, thanks.

Please see http://www.laprbass.com/RAY_temp_vorcht12.php

It appears that the second hex character, when converted to binary and subtracted from the value of the other hex characters, results in the binary value of the original clear-text character.  So I can decode the coded strings into the original clear-text.  What I still do not understand is the original mechanism for choosing the second hex character, and as you can see from this example, it could be any of a variety of things -- and still produce an encoded string that can be decoded consistently.

<?php // RAY_temp_vorcht12.php
error_reporting(E_ALL);
echo '<pre>';

// PHP <= 5.3 SEE NOTES: http://php.net/manual/en/function.hex2bin.php

// SOME TEST DATA
$dat = array
( '7F78F0' => 'x'
, '7F79F2' => 'y'
, '7F7AF4' => 'z'
, '7F55CECE' => 'yy'
, '7F037C7D' => 'yz'
, '7F037D7C' => 'zy'
, '7F55CFCF' => 'zz'
, '7F1B957C' => 'za'
, '7F18927A' => 'zb'
, '7F1B7C95' => 'az'
, '7F187A92' => 'bz'
, '7F036564' => 'ba'
, '7F62C3C4C3' => 'aba'
, '7F61C2C3C3' => 'abb'
, '7F62C4C3C3' => 'baa'
, '7F61C3C2C3' => 'bab'
, '7F61C3C3C2' => 'bba'
, '7F55B6B6B6B6' => 'aaaa'
, '7F0364646465' => 'aaab'
, '7F0364646564' => 'aaba'
, '7F0364646564' => 'abaa'
, '7F0365646464' => 'baaa'
, '7F55B7B7B7B7' => 'bbbb'
, '7F0365656564' => 'bbba'
, '7F0365656465' => 'bbab'
, '7F0365646565' => 'babb'
, '7F0364656565' => 'abbb'
, '7f55b6b6b6b6b6b6b6b6b6b6' => 'aaaaaaaaaa'
, '7f55b7b7b7b7b7b7b7b7b7b7' => 'bbbbbbbbbb'
, '7f0364646464646464646465' => 'aaaaaaaaab'

// THESE WORK TOO
, '7F79F1' => 'x'
, '7F7AF2' => 'x'
, '7F7BF3' => 'x'
)
;

foreach ($dat as $key => $str)
{
    // SAVE THIS VALUE FOR PRINTING
    $old = $key;

    // DISCARD THE 7F
    $key = substr($key,2);

    // GRAB THE OFFSET VALUE
    $off = pack("H*", substr($key,0,2));
    $off = ord($off);

    // SPLIT REMAINING HEX SUBSTRINGS INTO CHARACTERS
    $key = substr($key,2);
    $arr = str_split($key,2);

    // SUBTRACT THE OFFSET VALUE FROM THE BINARY
    $chr = NULL;
    foreach ($arr as $ord)
    {
        $ord = pack("H*", $ord);
        $ord = ord($ord);
        $num = $ord - $off;

        // RENDER THE BINARY VALUE AS A CHARACTER
        $chr .= chr($num);
    }

    // REPORT THE RESULTS
    echo PHP_EOL . "$old => $str => $chr";
}

Open in new window

Avatar of Vorcht12
Vorcht12

ASKER

First, I want to make sure you are doing this in the right direction.  The characters on the right are what will be supplied (like 'aaba'), and what I want to create is the hex version.

The second hex set is supposedly a xor of all the characters in the string, except when that value is 00, it is replaced with a 55.  Ozo in the other thread identified that pattern, how I am not sure.  The perl script computes it correctly for all the examples I have provided so far.
Yes, I'm doing it in the right direction - I was just working with the pattern I could identify.  If I'm right about how the XOR is computed, I can show you an encode and decode function in a little while.

Is the XOR for  "abc" going to be computed by a XOR b = x, then x XOR c = final bitmap?
I'm not sure about the calculation.  I've posted for clarification in the other thread.  Does that method create the appropriate value with the posted examples?
ASKER CERTIFIED SOLUTION
Avatar of Ray Paseur
Ray Paseur
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Nicely done Ray!  Thanks a bunch, exactly what I needed.  Tests out perfectly.

--David
Thanks a bunch!
Thanks for the points and good luck with your project, ~Ray